Hello,
while it worked under Joomla 3 with the same configuration, the authentication with "Active directory" does not work anymore under Joomla 4.0.3
that it works as before.
error message : ldapfailure The login does not match the password, or you do not have an account yet.
Joomla 4.0.3
I did some debugging and found that the users_dn field is not used for "direct binds" when it should be.
To make this work, I modified the joomla/plugins/authentication/ldap/ldap.php file as follows:
//$ldap->bind($ldap->escape($credentials['username'], '', LDAP_ESCAPE_DN), $credentials['password']);
$dn = str_replace('[username]', $credentials['username'], $this->params->get('users_dn', ''));
$ldap->bind($dn, $credentials['password']);
Labels |
Removed:
?
|
Labels |
Added:
No Code Attached Yet
|
I find it amazing that J4 shipped without a working LDAP plugin
Where's the best place to check for an update on this one? This is a show-stopper for me; I've rolled back to 3.10.3 for now...
working LDAP is a must-have for several of the organizations I support. Previously I used jmapmyldap (https://shmanic.com/tools/jmapmyldap/download.htm) which works fantastic on a Joomla 3 site. I am not a coder by any stretch so perhaps this project can be revived with a new fork and updates for Joomla4 ?
I have this LDAP error since php8, the reason I found in isConnected() function of ldapclient.php:
public function isConnected()
{
return $this->resource && \is_resource($this->resource);
}
the "\is_resource($this->resource" expression causes the error. Uncomment it and it works
The LDAP in Joomla 4 is so broken it should be removed as a feature completely
Forgot to mention: using Joomla 3.10.
LDAP authentication essentially for us
@gopalji can you please send a PR against 3.10 with the details to reproduce and the detailed error messages this here is about the J4 LDAP Plugin. Interessting to know would be a detailed error message and maybe with an var_dump on $this->resource to understand why it fails on PHP 8.1
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2022-06-01 19:39:22 |
Closed_By | ⇒ | richard67 |
I pulled down a copy of 4.2.3 today. The aforementioned fix is in place, my LDAP was broken in spite of that, using the same configuration as many of my other 3.X sites.
I tried dvince38's fix.
To make this work, I modified the joomla/plugins/authentication/ldap/ldap.php file as follows:
//$ldap->bind($ldap->escape($credentials['username'], '', LDAP_ESCAPE_DN), $credentials['password']);
$dn = str_replace('[username]', $credentials['username'], $this->params->get('users_dn', ''));
$ldap->bind($dn, $credentials['password']);
This absolutely WORKS, thank you dvince38 very much.
unfortunately, it didn't help me :(
A fix is not yet in place, this issue is closed because a pull request to test is available! However, there is a lack of successful human tests to have it included in a release.
Please apply the fix at #37959 and (quoting @richard67):
please go to the pull request in the issue tracker here https://issues.joomla.org/tracker/joomla-cms/37962 and mark your test result by using the blue "Test this" button at the top left corner, selecting your test result and then submit. Thanks in advance.
After 2 successful human tests, the patch should hopefully be included in a coming release.
@DoctorDeatch you probably have (also) other ldap issues, there are multiple issues with multiple fixes of which you may need a combination to get it working with your setup. (J4: #37962 #37959 #38388; J3: #38750)
I created an new update package that includes all ldap pr, so you test them all at once: https://github.com/tatankat/joomla-cms/releases/tag/4.2.3-patched
Please do test! Please press the blue button!
@tatankat any luck getting your PR(s) merged? Do you still need testers?
I used to maintain my own fork of JMapMyLDAP, but don't have the time or energy to migrate it to 4.x. But if the native plugin worked properly, I could make do with that. So I'm happy to help out with testing and anything else you need to get this stuff fixed.
@cheesegrits partially.
The problem reported here should be fixed with the merged PR #37959 in 4.3
For PRs #38388 & #37962, there is still testing to be done.
The LDAP in Joomla 4 is so bad as to be totally unusable. It needs a complete rewrite by someone who understands LDAP.
#35571
#35573
#25434
#35316
#35216
#35323
#32400
#35768